Ukrainian Hackers Target Russian Drone Maker ‘Gaskar Group’ in Major Cyberattack 

• What Happened: The Ukrainian BO Team claimed a successful Gaskar Group network and server infrastructure breach.
• Assets Impacted: The attackers reportedly disabled over 250 systems and wiped company data and backups.
• Secondary Targets: The BO Team also disclosed the home addresses and family information of Gaskar Group employees.

Ukrainian hacktivists have claimed responsibility for a large-scale cyberattack on Gaskar Group, a prominent Moscow-based drone manufacturer allegedly supplying unmanned aerial vehicles (UAVs) to the Russian military. 

The Cyberattack Operations

The attack, carried out by the BO Team in collaboration with the Ukrainian Cyber Alliance hacktivist group and Ukraine’s military intelligence, reportedly resulted in the destruction of critical infrastructure and massive data loss, according to a statement released on the BO Team’s Telegram channel. 

However, Ukraine prohibited the official use of Telegram amid Russian spying concerns in September 2024.

The attackers reportedly disabled over 250 systems, which included 46 virtual servers and approximately 200 workstations, effectively crippling Gaskar Group’s operational capacity.  

Hackers also claim to have wiped 47 TB of company data alongside 10 TB of backups, ensuring the loss of vital operational and research information. Additionally, they leaked employee data, including personal addresses and family details. 

The ongoing Ukrainian cyber operations also targeted Russian banks and reportedly impacted social apps, internet providers, and public transportation payments in 2024, in the backdrop of the conflict between the two countries.

According to threat intelligence firm Cyble, 31% of hacktivist incidents in Q2 2025 involved industrial control systems (ICS), access-based intrusions, or data breaches, up from 29% the previous quarter.

Impact on Gaskar Group 

The consequences of the attack are likely to ripple through Gaskar Group’s operations, potentially halting or delaying the development and deployment of UAVs used extensively by Russian forces since the 2022 invasion of Ukraine. 

The targeting of drone manufacturing operations is consistent with a broader pattern identified by Cyble that noted that these campaigns primarily focused on energy, manufacturing, and national resilience sectors, often involving the publication of screen recordings showing ICS interference, a tactic mirrored in Ukrainian hacktivist disclosures.

Broader Implications for Cybersecurity and Conflict 

This disruption could weaken the military supply chain, which heavily depends on drones for reconnaissance and combat applications. Ukraine’s cyber capabilities, including the activities of hacktivist groups, have emerged as a key component of its resistance against Russia.  

The Gaskar Group breach underscores the growing weaponization of cyber tools in geopolitical conflicts.

As Cyble notes, the increasing sophistication and collaboration among hacktivist groups suggest that similar ICS-focused attacks may spread beyond current conflict theaters. Exposed infrastructure, especially in the government and energy sectors, remains vulnerable without strong segmentation, OT isolation, and Zero Trust enforcement.